[keycloak-user] How to add Admin User

Stian Thorgersen sthorger at redhat.com
Thu Mar 3 13:18:38 EST 2016


Please read the documentation it explains it all
http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116

On 3 March 2016 at 16:24, Andrej Prievalsky <ado.boj.83 at gmail.com> wrote:

> Hi all,
>
> 1.) meantime I tried on keycloak-overlay-1.7.0.Final via
> add-user-keycloak.sh script in wildfly domain mode create Admin user  and I
> got:
>
> [root at keycloakoverlay /opt/wildfly/bin]$ ./add-user-keycloak.sh -u admin
> -p admin
> Added 'admin' to '
> */opt/wildfly/standalone/configuration/keycloak-add-user.json*', restart
> server to load user
>
> Is it correct, that user is created in standalone path?
>
>
> ----------------------------------------------------------------------------
>
> 2.) can I in version 1.7.0.Final create or replace Admin user for Master
> realm with permanent password, which could be created automatically via
> command line and not needed change password manually after first login?
>
> Thanks,
> Andrej.
>
>
> On Thu, Mar 3, 2016 at 1:50 PM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>>
>>
>> On 3 March 2016 at 13:48, Stan Silvert <ssilvert at redhat.com> wrote:
>>
>>> On 3/3/2016 12:09 AM, Stian Thorgersen wrote:
>>>
>>> The standard add-user script adds WildFly users, we want the standard
>>> script to add Keycloak users. It's a Keycloak server after all.
>>>
>>> You still need WildFly users if you want to use CLI (remotely) or web
>>> console.   As far as I know, we can't secure those things with Keycloak yet.
>>>
>>
>> In the future we will secure it with Keycloak, in the mean time the
>> add-user has a '--container' option.
>>
>>
>>>
>>> There are workarounds, but I'm just saying, WildFly add-user.sh is a
>>> useful tool that we might want to still ship in some form until such time
>>> that CLI and web console is fully integrated with Keycloak.
>>>
>>>
>>> On 2 March 2016 at 20:00, Stan Silvert <ssilvert at redhat.com> wrote:
>>>
>>>> On 3/2/2016 1:50 PM, Stian Thorgersen wrote:
>>>>
>>>> Not a chance. In server dist we want to hide WildFly's add-user script.
>>>>
>>>> I could guess, but I have to ask, why?
>>>>
>>>>
>>>>
>>>> On 2 March 2016 at 14:12, Stan Silvert <ssilvert at redhat.com> wrote:
>>>>
>>>>> On 3/2/2016 7:02 AM, Stian Thorgersen wrote:
>>>>>
>>>>> In overlay the script should be add-user-keycloak. The overlay adds
>>>>> Keycloak server to an existing WildFly installation so we don't want to
>>>>> overwrite any existing files. I appreciate this may be confusing and
>>>>> inconsistent, but at the same time if we did overwrite people would
>>>>> probably complain about us overwriting the existing script.
>>>>>
>>>>> In the server dist this doesn't apply as the server is purely a
>>>>> Keycloak server, not a WildFly server.
>>>>>
>>>>> I guess the solution would be to make server dist consistent with
>>>>> overlay, so both are add-user-keycloak.  Not sure how I feel about that.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 2 March 2016 at 11:10, Bruno Oliveira <bruno at abstractj.org> wrote:
>>>>>
>>>>>> I'm not sure if I follow your question but './add-user.sh -u admin -p
>>>>>> admin' or './add-user.sh -u admin' should work.
>>>>>>
>>>>>> On Wed, Mar 2, 2016 at 7:03 AM Andrej Prievalsky <
>>>>>> ado.boj.83 at gmail.com> wrote:
>>>>>>
>>>>>>> Hi Bruno,
>>>>>>>
>>>>>>> thanks for answer.
>>>>>>> But from
>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>>> and section: *...you can use the add-user script from the
>>>>>>> command-line.*
>>>>>>> is my question is how exactly should looks like command with
>>>>>>> add-user script?
>>>>>>> Because in past we used this command: add-user.sh –container -u
>>>>>>> admin -p admin
>>>>>>>
>>>>>>> Andrej.
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Mar 2, 2016 at 10:38 AM, Bruno Oliveira <bruno at abstractj.org
>>>>>>> > wrote:
>>>>>>>
>>>>>>>> Hi Andrej, answers inline
>>>>>>>>
>>>>>>>> On Wed, Mar 2, 2016 at 6:13 AM Andrej Prievalsky <
>>>>>>>> ado.boj.83 at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I would like to summary information about How to add Admin User -
>>>>>>>>> chapter 3.2.1.
>>>>>>>>>
>>>>>>>>> My questions are:
>>>>>>>>> 1.) From which version (including) is new concept, that there is
>>>>>>>>> no built in user?
>>>>>>>>>
>>>>>>>>
>>>>>>>> 1.8.0 See:
>>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/Migration_from_older_versions.html#d4e4031
>>>>>>>>
>>>>>>>>
>>>>>>>>> 2a.) What is exact command via add-user script (add-user.sh) for
>>>>>>>>> create admin user ?
>>>>>>>>>
>>>>>>>>
>>>>>>>> See:
>>>>>>>> http://keycloak.github.io/docs/userguide/keycloak-server/html/server-installation.html#d4e116
>>>>>>>>
>>>>>>>>
>>>>>>>>> 2b.) Same question like in 2a, but in keycloak-overlay (
>>>>>>>>> add-user-keycloak.sh)?
>>>>>>>>>
>>>>>>>>
>>>>>>>> You are correct. Maybe this is an inconsistency to be fixed.
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks and Best Regards,
>>>>>>>>> Andrej.
>>>>>>>>> _______________________________________________
>>>>>>>>> keycloak-user mailing list
>>>>>>>>> keycloak-user at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> keycloak-user mailing list
>>>>>> keycloak-user at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing listkeycloak-user at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> keycloak-user mailing list
>>>>> keycloak-user at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160303/6dbbf391/attachment-0001.html 


More information about the keycloak-user mailing list